Random Human Entropy Used for Secure Identity Generation

Subscribe and Return Every Monday, Wednesday, and Saturday for a Dose of Privacy.

ODIN.Chat a Secure, Blockchain-Powered, Decentralized-Messenger

ODIN wants you to own your conversation. Having realized the potential for a doomsday scenario where massive leaks of personal data lead to real-world consequences, ODIN Blockchain decided to do something about it and built ODIN.Chat, a blockchain-powered, secure messenger with the end user’s privacy in mind.

Definitions

Entropy — a measure of the number of possible arrangements the atoms in a system can have. In this sense, entropy is a measure of uncertainty or randomness. (eoht.info)

Human Entropy can be used as an extension of this. E.g. the randomness of human movement.

Bitcoin Improvement Proposal [BIP]— is a design document for introducing features or information to Bitcoin. The BIP should provide a concise technical specification of the attribute and a rationale for the feature. This is the standard way of communicating ideas since Bitcoin has no formal structure.

There are three types of BIPs
1. Standards Track BIPs — Changes to the network protocol, block or transaction validation, or anything affecting interoperability.

2. Informational BIPs — Design issues, general guidelines. This type of BIP is NOT for proposing new features and do not represent community consensus

3. Process BIPs — Describes or proposes a change in process. Similar to Standards BIPs but apply outside the Bitcoin protocol. (Bitcoin.it.wiki)

Hierarchical Deterministic Wallets [HD Wallets] — wallets which can be shared partially or entirely with different systems, each with or without the ability to spend coins. (GitHub.com)

While BIPs, particularly that of BIP 32, was created by the Bitcoin community, many chains, including ODIN’s Blockchain, make use of them because the structure is sound and often cross-compatible.

A High-Level Overview of How HD Wallets Can Be Used Outside the Use of Coin Spends

If you’re anything like me, you see the word wallet and immediately think, “the storing of a currency to be exchanged or spent.” While that may be true, for the duration of this article, suspend that notion in favor of this: Heirachecial Deterministic Wallets can and in fact are often used for the function of Child Key Derivations (both public and private) — which can in turn act as a method of generating a unique identifier ala your ODIN.CHAT unique user ID.

BIP 32 Infographic Showing from Root (Master Node) to Varying Branch Structures

BIP 32 Changes

  • Added private derivation for i ≥ 0x80000000 (less risk of parent private key leakage)
  • Switched from multiplication by IL to addition of IL (faster, easier implementation)
  • Added test vectors
  • Rename keys with index ≥ 0x80000000 to hardened keys, and add explicit conversion functions.
  • Added test vectors for hardened derivation with leading zeros

Additional Variables Ensuring Anonymity via both Controlled and Random Variables

Upon completion of installation, via a combination of both controlled and random variables, you will be granted an eight-character alphanumeric ODIN ID. (e.g. 8Y2NKZ3D@ODIN) let’s discuss how this ID comes to be.

Before we get started, here’s a list of things we don’t ask for when you use our product: your name, your date of birth, your address, we don’t even ask for your email address, all of which other companies see as revenue when you sign up. We don’t even ask you to create a username and risk being linked to other accounts that might share certain features of that name. It truly is private.

So how do we do it?

I discussed previously the use of BIP32 and its ability to create Child Key Derivations (both public and private) and how those can be used to generate a unique identifier. We didn’t see this as being enough, so we’ve added a few more variables which I’ll list off now:

Environmental Properties
-Device Make / Model
-Time / Date of Generation
-Device Screen Size

Random Human Input Properties
-Random User Finger Movement Across the Screen

The final step in generating your unique eight-character alphanumeric ODIN ID calls for you (the user) to add human-driven entropy (random finger movements across the screen) as a final input. This movement, while *potentially* theoretically able to be replicated (*I’d argue heavily against this as human dexterity and timing doesn’t allow for mirrored replication of motion to the millisecond), matters not when combined with the environmental properties of the device make and model, time and date of generation, and the like. All variables are then compiled and hashed using an algorithm which uses the address itself as the *salt.

*In password protection, salt is a random string of data used to modify a password hash. Salt can be added to the hash to prevent a collision by uniquely identifying a user’s password, even if another user in the system has selected the same password. Salt can also be added to make it more difficult for an attacker to break into a system by using password hash-matching strategies because adding salt to a password hash prevents an attacker from testing known dictionary words across the entire system. (TechTarget.com)Where do I find out more about ODIN?

About the author

Christopher Reeder is ODIN Blockchain’s Lead Content Strategist and Technical Writer. As an advocate and researcher, he is exploring technology’s impact on privacy.

Interested in Blockchain and Cryptocurrency Technologies? Join the ODIN community!

All community ongoings and official support take place on the ODIN Reddit. Free to join — get involved now!

Read more about how to get Ø(ODIN) here.

ODIN.CHAT is available now on the Google Play Store.

Published by Christopher Reeder

Making technology easier to understand.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: